www.trafficit.online/go/ce4e607a-edbc-4366-9680-884e802bce20
3.70.16.242 338 B URL www.trafficit.online/go/ce4e607a-edbc-4366-9680-884e802bce20
IP 3.70.16.242:0
File type HTML document, ASCII text, with very long lines (338), with no line terminators
Hash 69e609317d25ff24d9d59337a6b64c91
cfdf33941287866828ef25ddfabbc6aa42e2364c
591910334f0061a718e49e8ec853841ed8edf469be1b1817155b54002f8e482b
GET /go/ce4e607a-edbc-4366-9680-884e802bce20 HTTP/1.1
Host: www.trafficit.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Wed, 31 May 2023 08:07:37 GMT
content-type: text/html; charset=utf-8
content-length: 338
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
location: https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ
set-cookie: bemob-uniq-visit:ce4e607a-edbc-4366-9680-884e802bce20=1; Domain=www.trafficit.online; Path=/; Expires=Thu, 01 Jun 2023 08:07:37 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:ce4e607a-edbc-4366-9680-884e802bce20:random:e687213b132a6af95e0439d05b6222c4=0-0-0; Domain=www.trafficit.online; Path=/; Expires=Thu, 01 Jun 2023 08:07:37 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=7W9jtH2xbv84n7eWTQt6cJ; Domain=www.trafficit.online; Path=/; Expires=Thu, 01 Jun 2023 08:07:37 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 8.598ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
aumtoukssurvey.top/js/_core-survey.2c96763c.js
104.21.69.184 60 kB URL aumtoukssurvey.top/js/_core-survey.2c96763c.js
IP 104.21.69.184:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7270f6a2cf25c9812b0536e5197723b1
f7b361ebc9c1c65e9e9d23441abc40762ad25fb9
8e18c9d2385af93b2537520de3973c87fd02808321021d257015d8d92327dd2b
GET /js/_core-survey.2c96763c.js HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:37 GMT
content-type: application/javascript
last-modified: Wed, 31 May 2023 07:52:09 GMT
vary: Accept-Encoding
etag: W/"6476fca9-37ed1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft1H4eds96ZfI1NfZIwBGu%2B4LJU9UgTP3Gbps0d8tNRvGMgTN6Iw39%2Frk4cbN%2B%2F%2FqyNirfpGsrmGHDi7ZPBkQJCdyIKFCwv5ycOVQGxZR9oA0jTIFTzKJdHAt5bqAENeI4Hu8D0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96cfab9b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/js/config/data/sd-2025.js
104.21.69.184200 OK 1.3 kB URL GET HTTP/3 aumtoukssurvey.top/js/config/data/sd-2025.js
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type ASCII text, with very long lines (9233), with no line terminators
Hash 75a1a7295785d43701c2ae0e8829668d
b1928ddd2bb46cccfb73bdc9b959c24b2cfbff95
becbc9d00e418641d9766ed3bdf34bc0b1334c68d93cc5aeea43066c814a3782
GET /js/config/data/sd-2025.js HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/javascript
last-modified: Wed, 31 May 2023 07:52:09 GMT
vary: Accept-Encoding
etag: W/"6476fca9-2411"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyRJ2%2F%2Fu0LuHuutX2ZJ5Fvw4gN2yEXYbb%2F7IH3oYxfOMFYUR5vKQzEioBTiiK0IK2F2%2Ba%2FIWu92Y4bw7Ie2cGDW%2FkEruY9sPvc76aJ1inzhMeiARK4kdiALOwTavYvHCUpePMsE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96eed3fb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/js/v-immer.esm.mjs.d9bdbc14.js
104.21.69.184 64 kB URL aumtoukssurvey.top/js/v-immer.esm.mjs.d9bdbc14.js
IP 104.21.69.184:0
File type ASCII text, with very long lines (10496), with no line terminators
Hash fb46146a17eb0c4a887b7df1f66f7fa7
4be05a7ad649b3b907cecb1e92262ef8eb849946
d326fd3d05fc533b5f383d2695e3c013e267d1de919a64c798b49c7f8f36b55c
GET /js/v-immer.esm.mjs.d9bdbc14.js HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:37 GMT
content-type: application/javascript
last-modified: Wed, 31 May 2023 07:52:09 GMT
vary: Accept-Encoding
etag: W/"6476fca9-2900"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwqvcJN4hbMvFZwrV5ztrsRp81OFtCph%2FTYikKTA5l5pWnXrRS8zRmInlMS21yVD%2BWhxOU1OlAgEqjjJ7Mg%2BSr%2B78xg5G8OHaugkF8xzA6sDjNFMn1l6E%2B4TILywsP7m4YuOnm4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96cfab2b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/js/config/dict/cookie-consent-1.json?v=10
104.21.69.184 3.5 kB URL aumtoukssurvey.top/js/config/dict/cookie-consent-1.json?v=10
IP 104.21.69.184:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text
Hash 4f1c632e971c4261f927ed0cf67bfdee
18c72b10719ca98b61b1f1f84e4b01f0ed8b3763
2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/json
last-modified: Wed, 31 May 2023 07:52:09 GMT
vary: Accept-Encoding
etag: W/"6476fca9-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlkK7Dya%2BHAFxI%2BTVTtLq8rKRyxiQRJPajJVhMFfQ8dVweWpCgMZE17uJyVjJ9xPc4uz38FaGpX064KlCH4ON4vBhDV%2BU4AXw0NTQ6Ifyf6M0kaGcpkd5MwSTzt5V5WXxlOUu%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96e9cdfb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/icon-survey.svg
104.21.69.184 1.3 kB URL aumtoukssurvey.top/img/icon-survey.svg
IP 104.21.69.184:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1080)
Hash 9612f51aebfc959fbe20466738ad7a35
40018ba48bd4ed13c219ceb9efdeccac7902ff4f
a35df0cc8723374ad7b9b6a99e7b07b23a32783d0ae1897fbf8dbc6e6ffe11d6
GET /img/icon-survey.svg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:37 GMT
content-type: image/svg+xml
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: W/"6476fcaa-c19"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmON4mmdsB5oL2T%2F8X5qIYcEBsJMEW9xoO96MMzxg5WYYYEMvZuC4Hyl9sieTYhFXg%2FR8ojCY3jR%2F0sJXiNR4pPAUF8NLbRVzeWtPNWrUCPNuB1VjfcVYqugEunC%2BO5IFsi3S3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96cfac5b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-4.jpeg
104.21.69.184200 OK 2.7 kB URL GET HTTP/3 aumtoukssurvey.top/img/comments/person-4.jpeg
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 6cf64555e2de0ff8b5391081b648b89a
a32008bacf7f8cd3859eb86c6c8d36eeb15dbdf0
d4f513bf3a5691b900739cf79285d18ef09ef4b81eca648261b15a693d21818d
GET /img/comments/person-4.jpeg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 2709
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-a95"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aB2JYUU8xnqcXMrZOJmbGWiV0NSYvTHoCwOeOdUgV0UZfo%2FMVrIpM5IOStElYwcZFRq4WcVMMPO3qpP2kldCnTY8MPUhnkRnhQ4RqXBNLonrfplOget5YF%2BADcgy0smUvil2NqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb9717996b4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/unnamed.jpg
104.21.69.184 1.4 kB URL aumtoukssurvey.top/img/comments/unnamed.jpg
IP 104.21.69.184:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 449aaf5a54e3fe3aa4f0f5875bede090
b2b897362626700277b7f8baca8b1f292d08b7e5
4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59
GET /img/comments/unnamed.jpg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 1378
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-562"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UB%2Fuj5EBUrurHAloCPi5Tllr%2FkZCk4mKyczE06bbJQ2TZ98LiF8Dc5aeIAowJM9d3r32XFK55HsRWEesbI2h4DXqMSjptPCcyHuPOMnS5PTnSVzC2MgCo64GC6yKXLlrXeo9Yhc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb971596eb4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-14.jpg
104.21.69.184200 OK 5.4 kB URL GET HTTP/3 aumtoukssurvey.top/img/comments/person-14.jpg
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 6012ff0d59aa6a34aaca1ea8f2fa88fc
ef59662c9b666106486039e9f1deb40fb4a8ff77
2c020310e91430067c7128425f14ac0ff1710aea5e67c144a8fceac46311182d
GET /img/comments/person-14.jpg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 5392
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-1510"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXJkUivzfXdWwgCTDlBxMm5%2FMZM2TOoSFJ4kVqT8drjcDsJbw37oSy8DZ0J1kY2PU8YEKk1WKyNV8nqAOJLQDrYfuR1jtA5yzf1kkM3XR4lFNsBztagLbrc7BizKRqiIwJ3Z2K0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb9716983b4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-6.jpg
104.21.69.184 4.4 kB URL aumtoukssurvey.top/img/comments/person-6.jpg
IP 104.21.69.184:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash be9ff88491a5bc0745579a3813eb2cbe
870f88a7fae9fdd928af33f47c5ffdddc6a4082b
698d413ddf6b2ec37acf0e982237d239bd912cb097e243cb355855ac2b8548d3
GET /img/comments/person-6.jpg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 4392
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-1128"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kXedPmmuYlVRiHDvuQ9mEWe3X4HTRfy2zwVkaYVvtPSYYgFUNPVq30pDn19v7nVw5gvjY%2Fs7e1R4gwlGQUPQ25JisOZfH6aKhaRhaN1Pt1AVTyBCVIRhqlSFSuEwZPny0PypVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb9717997b4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-1.png
104.21.69.184 6.6 kB URL aumtoukssurvey.top/img/comments/person-1.png
IP 104.21.69.184:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 8f9a954bf05965bb41cf97a7ddb7a375
de9db936bbea75043e08a55d1f371678fca2270c
a787bd40650924a7bbc61d6ea0bbcaddae4b3129fd8028b68c3629210e41e26d
GET /img/comments/person-1.png HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/png
content-length: 6577
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-19b1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JylkQbzveiZ4KZ8JrXZrA13cvVYraoBHn57zTQV3K3R7h18GoqmFIGSqHVEiLwR3OisLwQR4zhhVHNP8quqFlg7HviGKnt5oATIE7DFZCmmxCOFSuh0aQegvzmpf29FJXwFH65Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb9716971b4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-2.png
104.21.69.184200 OK 6.4 kB URL GET HTTP/3 aumtoukssurvey.top/img/comments/person-2.png
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 3e6eaea87b2891590972dd11373b09a3
f038c6e6306ca708defa2b601bf9477f0cf78a3d
15aadd2e7f4f83e79f35e760da382fb8b5045d2cf506f531bdc15b7b27f699a5
GET /img/comments/person-2.png HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/png
content-length: 6428
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-191c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BooM62Y0G%2Brg4FBCgKGQgWi8y2wz4ruY%2FImBgT82Sbv79lZvhPcmH2qRj1Ye2BMH6dWI9CNf7I5XvTgnOVVuxWn5tIlagh54%2BVdan75Hn7W%2FFSRL4jDAuSTu1FHV84IsL7%2FAh8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb971798db4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-5.jpg
104.21.69.184 4.3 kB URL aumtoukssurvey.top/img/comments/person-5.jpg
IP 104.21.69.184:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 21fd6ef6d69b527c02e92a8c23d28d52
5980b75edc23f7fa2f57fa257cb67c9efb86fa58
f37490dbef620959d7124e3de027c5b5c43a57dc90737163947a6725444051eb
GET /img/comments/person-5.jpg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 4333
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-10ed"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnupIyUh%2Bos9uxsDsx9tv1v5D3IWWLVi7soa7SIf1IF472vvKYiGk2mjeRlAbDiGMoqNclGNXtDXMONklFzGQEFyUi7M1QL76oZ%2FZUHRrEtdBj9kxX6yQAscograFSRWMM%2F3im4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb9717995b4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/js/config/dict/cookie-consent-1.json?v=10
104.21.69.184 21 kB URL aumtoukssurvey.top/js/config/dict/cookie-consent-1.json?v=10
IP 104.21.69.184:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text
Hash 4f1c632e971c4261f927ed0cf67bfdee
18c72b10719ca98b61b1f1f84e4b01f0ed8b3763
2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/json
last-modified: Wed, 31 May 2023 07:52:09 GMT
vary: Accept-Encoding
etag: W/"6476fca9-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxckYw80RuUowdDZzOuk4kkMRqsaVCXMIlv2Lt2aLwdqP%2BSnstsq5fSyYf9h8pRhoYnyQeqoK%2FT%2B1Z65yQ2N5aYyk9Qaiye4l2dyNCfaxRNd5NuN%2FcIkjstnIaMUIYFxujF6N2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb9703f86b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-9.jpg
104.21.69.184 5.2 kB URL aumtoukssurvey.top/img/comments/person-9.jpg
IP 104.21.69.184:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 529370f9fd3b0f4da6c81ca91a931155
1a4c3e0e7af1ce30dc2ca18d48b5fc3f1b40aad3
cdf1b8dcdce4e9b76157ce90e086ebafb100063eaeb091e97087d97f5d0fb50b
GET /img/comments/person-9.jpg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 5190
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-1446"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJzKq2jLjuIY9rn%2BF84%2BG9nm71N9jDOE4mFCd0vEB0S2c55CXD6UL%2BKZOgdU4ae3xl66a%2FUvlZoVgKHy3AhwKHZT21zbjSMYo97yeqm58tnFH9LMPmoKdk4kthzRwcSfqsZ3%2B8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb971799cb4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-3.png
104.21.69.184 7.4 kB URL aumtoukssurvey.top/img/comments/person-3.png
IP 104.21.69.184:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 2f62e53b6333bc904be22a37a1fd0ace
6e972fefcbe0193d9b28817c47c1ceab2a0235d1
9128194f1b1bf44435a3e80f994157b94a40a3365cd8f0794dcadb41a24c3b41
GET /img/comments/person-3.png HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/png
content-length: 7368
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-1cc8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfYh213%2BIxPVj7v6ljgx0549rrHHzVM7Fp62d%2FhfjUnYvOKhx4QhTPBxoYnWQRIjPClbKDav6BVOeCImTnLnmEpHVPYubcLXxoGBC5R0WcOx7hOjvdb%2BIvACD0ZGxJWrU3M7yow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb9717999b4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-8.jpg
104.21.69.184200 OK 5.7 kB URL GET HTTP/3 aumtoukssurvey.top/img/comments/person-8.jpg
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash 6b10e71656e51e27520e854712b44f1c
f78b92dded977e9f275aba726453138155420bcf
64588485da7d470991fdba6c20a6d05c7ad39f92cca72769a95cbe3d873e8edc
GET /img/comments/person-8.jpg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 5748
last-modified: Wed, 31 May 2023 07:52:09 GMT
vary: Accept-Encoding
etag: "6476fca9-1674"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MapkxG3lSWl%2FR6ETtrU%2BxcFoEW6%2FjpeJBkFGpqknMG0v7biqJkssYP%2BiH3VQ0XI8H9SGRs2BX9Nam17yN9ZoTgMk9rq08ka%2FGruhcwDK6pq%2FLQ1etbU87vRdR4nyw8zZ6fmMRGQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb9717998b4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-10.jpg
104.21.69.184 6.2 kB URL aumtoukssurvey.top/img/comments/person-10.jpg
IP 104.21.69.184:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash 044ab37551bfe632f53b8f15d991f36e
77fdc6210608e5e36e1d36ac7fd867104cb20d9e
36adcb32026c016feaff678063911fcc9e7985e9f0c56bb1daa776f98964ef91
GET /img/comments/person-10.jpg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 6178
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-1822"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtHvsMPKln8jBkx0o9pHaj%2BPGX9RDea2E2pgm3xHoae99%2FQVd4ZeUVumPg6wr8HPMZd83BciSdFJWJbeVGh1nA5GLVzH7Cjf2hHOGALMPK9j0SxCxTfZdfCbA8WJ3WNKMgKTGEw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb971799fb4f9-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ae04971c528c0cd1388ac3e69999c24e
4536731637389de6ab5cb7391f4fa155db18993e
3efde8f665ec12eac8757ad23019ad9ef498ff18690921b94f8e6cde7d020c07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 May 2023 08:07:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
offpichuan.com/track?offer_id=2025&z=4137511&variable2=7W9jtH2xbv84n7eWTQt6cJ
139.45.197.237 144 B URL offpichuan.com/track?offer_id=2025&z=4137511&variable2=7W9jtH2xbv84n7eWTQt6cJ
IP 139.45.197.237:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9cab0d1d53cbb27f959b0e054b944c5f
866dcec2220e7db67ea46cda5f6accf12258fd8f
602952a089e4297e18d007d755a16e482e58c4551654f8b7035d2a2c71a2a3de
GET /track?offer_id=2025&z=4137511&variable2=7W9jtH2xbv84n7eWTQt6cJ HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aumtoukssurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/json
content-length: 144
x-trace-id: 890fd4b1340bf0e04366e3c72381ba58
access-control-allow-origin: https://aumtoukssurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
aumtoukssurvey.top/js/_global-config-sd.c5676aa0.js
104.21.69.184 4.9 kB URL aumtoukssurvey.top/js/_global-config-sd.c5676aa0.js
IP 104.21.69.184:0
File type ASCII text, with very long lines (1169), with no line terminators
Hash e3295213d3f10689cd90f4dc2740c6a3
5430bc12b341b42bd3646e3037aadfdaba310d4f
c43e834f5b6fb54b68338f0bd49c3067232c57b42269305679d986756d999431
GET /js/_global-config-sd.c5676aa0.js HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6476fca9-491"
last-modified: Wed, 31 May 2023 07:52:09 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gw6NBC%2FCaBHOD6tXEFd0SehpJMyI%2BS1zNVKkdaF%2BhLUEYZtjeRgryDSCZTmJdjSDuzGGIEd4wTNXZy05rikVwIzWPoaACYSlO7fTR0s%2FinBxFF6StN%2F0oMVwzsB97oCQ%2FgIUnZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96f2d8eb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/js/config/data/sd-1203000.js?v=10
104.21.69.184200 OK 4.7 kB URL GET HTTP/3 aumtoukssurvey.top/js/config/data/sd-1203000.js?v=10
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type ASCII text, with very long lines (2722), with no line terminators
Hash b0264623f1137ebfc5fe924ecc5f111d
9b677216e28e11a444c576413677648c7b80e04a
8722cbace536c2b864b373e1657e9e22effadb08fefe9bfe2d9153a29b0b1690
GET /js/config/data/sd-1203000.js?v=10 HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6476fcaa-aa2"
last-modified: Wed, 31 May 2023 07:52:10 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwfyzqKARLEIgOAm8AQo%2BfhHQJ1OHjb6lQtHoxrg9dFe0hs%2BY5skO%2BxD%2BgGBM1ix%2FrlkvAEs7LRcAxZtp%2FImXasrlXmi%2FjgOxgrmqR0c%2FaPSTNpkKGhupLQ3OC7Hi13BVDWxYTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb9702f64b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ
104.21.69.184 3.0 kB URL aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ
IP 104.21.69.184:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4701), with no line terminators
Hash 416c9396b1d42fdce346696238da4c3b
d23ade3fc6f39e7305f56c0957d46b85369a88f9
1987c5db7c7ff444d36583474e321c49cbea77808a3c4c8d52adaccb4cf0e630
GET /finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 31 May 2023 08:07:37 GMT
content-type: text/html
last-modified: Wed, 31 May 2023 07:52:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FfKSO46WQsz71C9Zzf7NJKc0HtRXuGtBxzwaHFNdOU4dh5fXUFvCinR9Q40JSjzCWCDd8EFUcMDo9%2BY3bftgm5%2B%2Fg81IkLWcQOYPKsDgBZXQETtmkRh4BLQuWX81SKN3PCnsFA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96a6f6eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
laugoust.com/zone?&pub=0&zone_id=4842618&is_mobile=false&domain=aumtoukssurvey.top&var=4137511&ymid=&var_3=null&var_4=null&dsig=&action=prerequest
139.45.197.250 0 B URL laugoust.com/zone?&pub=0&zone_id=4842618&is_mobile=false&domain=aumtoukssurvey.top&var=4137511&ymid=&var_3=null&var_4=null&dsig=&action=prerequest
IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=4842618&is_mobile=false&domain=aumtoukssurvey.top&var=4137511&ymid=&var_3=null&var_4=null&dsig=&action=prerequest HTTP/1.1
Host: laugoust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 31 May 2023 08:07:38 GMT
content-length: 0
x-trace-id: 455844dc2b6bc03502c262f83a11f1c6
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b4b40aa902e030c3962325bfbc1aa3a4
a4ba1f4ef41182df919a3d52c5b453880c43a45f
db2652de35ec8788a924075eadc88c711e2f245d8165ff00c726461b83d114a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 May 2023 08:07:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aumtoukssurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 116289
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b4b40aa902e030c3962325bfbc1aa3a4
a4ba1f4ef41182df919a3d52c5b453880c43a45f
db2652de35ec8788a924075eadc88c711e2f245d8165ff00c726461b83d114a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 May 2023 08:07:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 23cafd2f23f997956352672f021ce6d1
732a931da2b75e53224cfa78c5ec91e7b3350532
6d0dd9e8cd03e2e41a8360321752df46523ac7463df5cbfff19961dbce3a8e6e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 31 May 2023 08:07:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 17:19:59 GMT
Expires: Sun, 04 Jun 2023 17:19:58 GMT
Etag: "732a931da2b75e53224cfa78c5ec91e7b3350532"
Cache-Control: max-age=378855,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cfdb974ab14b521-OSL
aumtoukssurvey.top/css/survey.2bfeef83.css
104.21.69.184 11 kB URL aumtoukssurvey.top/css/survey.2bfeef83.css
IP 104.21.69.184:0
File type ASCII text, with very long lines (35420)
Hash 3bf44e3d44a0c44e722d6f60a8f23d95
6dd32402c4c2f26f7dd747a0da5292fcc28443dc
ad8bc0ca5019134953aca607336e7fb36a4dd943c5b58944f2da9a715fccda2f
GET /css/survey.2bfeef83.css HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:37 GMT
content-type: text/css
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: W/"6476fcaa-1041f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmnls8pftLDYgjvMggItmZNp4o7ohIJAEDOYB4s5ggZB3vKFT7SIcGqaPEF7pmrgNbqluTnSwjzOJxNaYnPU6wr2NtKIx4%2F4bvMfqBkgHp0Dqj9z7frfcBDZuqIRufg42MIgiq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96cfac0b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60
139.45.195.8 43 B URL my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Cookie: ID=60305edc63ec4f27bfd5e5c6b52130cf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 31 May 2023 08:07:52 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=60305edc63ec4f27bfd5e5c6b52130cf; expires=Thu, 30 May 2024 08:07:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
37.48.68.71200 OK 12 B URL POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP 37.48.68.71:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerSectigo Limited
Subjectdatatechonert.com
Fingerprint6F:17:15:C2:7F:CC:16:6C:9D:C0:AD:C3:EE:DA:69:61:8C:77:0B:5B
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1465
Origin: https://aumtoukssurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 31 May 2023 08:07:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://aumtoukssurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
my.rtmark.net/gid.js?
139.45.195.8200 OK 65 B IP 139.45.195.8:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash ec8e0488306e2fecc94a3b571fcaf096
e1c9add7f3245fac6d78b15abfd42fe5dba1c636
90ccf3055e1b87527611bdb0046e1c8481b721cca84dc6eb756d20e1d9781844
GET /gid.js? HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aumtoukssurvey.top
DNT: 1
Connection: keep-alive
Cookie: ID=60305edc63ec4f27bfd5e5c6b52130cf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://aumtoukssurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=60305edc63ec4f27bfd5e5c6b52130cf; expires=Thu, 30 May 2024 08:07:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
dortmark.net/sync?userId=871b194bb04a796c40256f60f51b145a&partition=finance&duration=5184000
139.45.197.248200 OK 45 B URL GET HTTP/2 dortmark.net/sync?userId=871b194bb04a796c40256f60f51b145a&partition=finance&duration=5184000
IP 139.45.197.248:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerLet's Encrypt
Subjectdortmark.net
Fingerprint2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52
ValidityTue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 7725dca16bc474d9b7dda30eb39eb679
3befc369a13c988567a18db29e0bbab0af2c3c84
11eeb7466b0b0f2d611bb801a2030f3cc670d858bf99b223bdd80dd2bb10e9fb
GET /sync?userId=871b194bb04a796c40256f60f51b145a&partition=finance&duration=5184000 HTTP/1.1
Host: dortmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aumtoukssurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/json; charset=utf-8
content-length: 45
x-trace-id: 27b3addb981454be41e5d9160b3f1015
access-control-allow-origin: https://aumtoukssurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: finance_ID=871b194bb04a796c40256f60f51b145a; expires=Wed, 31 May 2023 09:07:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
aumtoukssurvey.top/img/comments/person-13.jpg
104.21.69.184200 OK 3.2 kB URL GET HTTP/3 aumtoukssurvey.top/img/comments/person-13.jpg
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash a3364ed9e772ae6f696b814072001bf8
b8f34c657c31bf1e4d42b5d864b2519493d80e92
88f30b8552d0ab928d895390b337a0049405f3b1e8446631e606ba787e1205e1
GET /img/comments/person-13.jpg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 3172
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-c64"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biHyCj41ZHNtpI%2BIb78KjcljDcuEVjamf79NIZ6tG6GDh22k%2FHWT6dRKcJ4Wt%2BqZZx1aCnG4s2KrU0NXjD%2Fq6XoNJJsrfU2tnuuT56ugQogwODs3LnqgqWOyPwpsb1kxH9GTgsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb971b9e0b4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/sw/sw4842618.js?var=4137511&var_3=null&var_4=null&ab2_ttl=5184000000
104.21.69.184200 OK 1.3 kB URL GET HTTP/3 aumtoukssurvey.top/sw/sw4842618.js?var=4137511&var_3=null&var_4=null&ab2_ttl=5184000000
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type ASCII text, with very long lines (1381), with no line terminators
Hash 391176c8bd76a5856ba8000206199492
6cb137aed01a624e854904e2a6ae01033ec3d412
e154691950c0b3cb210001729b9d414ee23f96c1b28b36a91cffc8d5e5baf443
GET /sw/sw4842618.js?var=4137511&var_3=null&var_4=null&ab2_ttl=5184000000 HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1; finance_ID=871b194bb04a796c40256f60f51b145a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:39 GMT
content-type: application/javascript
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: W/"6476fcaa-529"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FErU54iP%2FcovPoaXCRVnePZYoR4Zm3kzGZ8dNmOtDwPogMhlRcAA9%2BmBn6qACMD93KkM8YXNHuo5iCpeCzwt3U4wByhckFIiGQGocvDmb4tAxgC14AKfbUBnuBkpVu%2F%2BV7WTqY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb974be03b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/js/s-storageService.js.24e15119.js
104.21.69.184200 OK 2.6 kB URL GET HTTP/3 aumtoukssurvey.top/js/s-storageService.js.24e15119.js
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2624), with no line terminators
Hash 92ba5c835e9273abcc9a4e5bd9ce7949
75050f148900e64655c7c225dcd016fdc9165718
1a17cd3a15460fb7839645aa0cdc52efc308f769807c4810f8ae59602b441e9a
GET /js/s-storageService.js.24e15119.js HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6476fcaa-a0c"
last-modified: Wed, 31 May 2023 07:52:10 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY0SyehviM8LH%2BJMNiDWssdZtw6Gz154lcLsdtdom7lFyJrNT%2FOcg0fp9fdY09ZHvU39cZp0HxJD%2BSeEitqYzK%2FMk6kF2TbZ4lj%2B4fZj%2FlSLmHvxXwydmxSRhypxNQgkDCosA18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96f2d92b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/pfe/current/micro.tag.min.js?z=4842618&sw=/sw/sw4842618.js&var=4137511&var_3=null&var_4=null&ymid=&cdn=1&domain=laugoust.com&ab2_ttl=5184000000
104.21.69.184200 OK 42 kB URL GET HTTP/3 aumtoukssurvey.top/pfe/current/micro.tag.min.js?z=4842618&sw=/sw/sw4842618.js&var=4137511&var_3=null&var_4=null&ymid=&cdn=1&domain=laugoust.com&ab2_ttl=5184000000
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type C source, ASCII text, with very long lines (42367), with no line terminators
Hash e2c1209fa034e82830b27b2c7e00a7dc
0a3057e56de2d45bee9443afba1823ce0629f199
ea6ad99d1789576a76dcb7c3d970a1fb9c81b4b0c493eafc64023b85686a2bcd
GET /pfe/current/micro.tag.min.js?z=4842618&sw=/sw/sw4842618.js&var=4137511&var_3=null&var_4=null&ymid=&cdn=1&domain=laugoust.com&ab2_ttl=5184000000 HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/javascript
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: W/"6476fcaa-a57f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEXs0GChBFqp24yuPaHUwO%2F3O0wDNogoGLJSnnd6fZ44FiZNkXNJQ%2Bl06dzSZYZWTGd70i1%2FzMuFGdZbAkyCvBWuvyt83gmXYG941dx5JOFxBYsPcbqHEnA3vXzQOEGru%2Fhe9hw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb970a869b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/js/v-index.js.1bd59bc3.js
104.21.69.184200 OK 40 kB URL GET HTTP/3 aumtoukssurvey.top/js/v-index.js.1bd59bc3.js
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type ASCII text, with very long lines (40296), with no line terminators
Hash a1eebf7f284d06e15ce2bb56c67c6af6
0fddedec37b7adc94721964fd98db952c51855f7
11def302cc72a9de4bfeae98921d5e014ebeb7bd27063bb76908e360b22a6c9b
GET /js/v-index.js.1bd59bc3.js HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6476fcaa-9d68"
last-modified: Wed, 31 May 2023 07:52:10 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5TgJ9dFCN%2FmRoHSYoc8Zm63IE0iJJl1xrZT%2F3KVOXEwsl4xOYe%2FNECrD83u5cH69Ev2OsJtbCwDb7XIc2fWOE8EeW4v2SQ6IFrq7U3VwN2SfB9mB%2F49VfLjQFXqCxREWOgEhz8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96f2d9cb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/js/v-redux-toolkit.esm.js.e88f795d.js
104.21.69.184200 OK 11 kB URL GET HTTP/3 aumtoukssurvey.top/js/v-redux-toolkit.esm.js.e88f795d.js
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type ASCII text, with very long lines (11317), with no line terminators
Hash df1b7b57b2e4f95c2ddc857a38274eff
0db105076f74e15ca30dd296b64c5a59d104ad1c
e63ecbc4a88d54460c299b83e4756276ea85fc804da2a75e0e6b4d9a0cca8efe
GET /js/v-redux-toolkit.esm.js.e88f795d.js HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6476fca9-2c35"
last-modified: Wed, 31 May 2023 07:52:09 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP9hnrRKFQLMrS%2Bpnb%2BJCrmSNMMHHGpynf4sg61myj%2FCKpcMbjcVh10gVlKGHNlbzo2oee%2BDybyp94AJkD3c5Oc%2FNIvv%2BFc8RZu2j6pVE%2Far5U3dAzQaDANSQQJLqfOwNNP2bnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb96f2d9fb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-11.jpeg
104.21.69.184200 OK 4.2 kB URL GET HTTP/3 aumtoukssurvey.top/img/comments/person-11.jpeg
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 3924bdc784dc4947f52b779aa4d5a0aa
1e3f3fdd99490addd60014aa7327fe27c6bd5589
b3f882f57f9a213d85eb1c5c6a8a1451bd16dfcd9e4bd00e0a74584422dbd950
GET /img/comments/person-11.jpeg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 4175
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-104f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDLTuVKW6szjObUahfrPiQqe1K6otnOs0djfR6HmuWryeD6NeaGf4ZuvG8SDj%2FVMTG6KDyPGvKDff7XZkPJcj0GZ1iRqYAAcjM8PgZ0FA9xhkKO2GCi%2FWdrTQCiRzD5PXKLO0aA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb971a9d9b4f9-OSL
alt-svc: h3=":443"; ma=86400
aumtoukssurvey.top/img/comments/person-12.jpeg
104.21.69.184200 OK 3.5 kB URL GET HTTP/3 aumtoukssurvey.top/img/comments/person-12.jpeg
IP 104.21.69.184:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerGoogle Trust Services LLC
Subjectaumtoukssurvey.top
FingerprintA9:64:D1:6C:EF:48:A7:67:1D:0A:2E:2C:F6:FB:09:4A:6F:84:98:B5
ValidityMon, 29 May 2023 12:45:33 GMT - Sun, 27 Aug 2023 12:45:32 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash c937339f4ba54ff7dc150b9865c29084
44206828ca23cbed303193bde1dfe47bdc532972
8e872daac17de58d352c9f4082e6e35af76a8b2138c142a8cf0fbacea195c73e
GET /img/comments/person-12.jpeg HTTP/1.1
Host: aumtoukssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: isCookieSyncABTest=1; loaded-page=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 31 May 2023 08:07:38 GMT
content-type: image/jpeg
content-length: 3519
last-modified: Wed, 31 May 2023 07:52:10 GMT
vary: Accept-Encoding
etag: "6476fcaa-dbf"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJR3zj0TbwuHICq5sxKFv5gtHyfRJtCD3onJeh4d0M4kvxolYPbF4xIwtT6KUHBMHAybXCVx1eBkoR2G5sydX%2FpnCDa5FSINUxgDF7DAJJW035kg6Avx4kmEJ0axLKSXltE3ce0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfdb971a9dbb4f9-OSL
alt-svc: h3=":443"; ma=86400
offpichuan.com/rotate?zz=4292518;4326638;5128285;4949467;5381238;5381316;5381339;5381332;5381307;5381330&var=4137511
139.45.197.237200 OK 3.8 kB URL GET HTTP/2 offpichuan.com/rotate?zz=4292518;4326638;5128285;4949467;5381238;5381316;5381339;5381332;5381307;5381330&var=4137511
IP 139.45.197.237:443
Requested by https://aumtoukssurvey.top/finance-survey.html?z=4137511&offer_id=2025&var=&ymid=7W9jtH2xbv84n7eWTQt6cJ&ymid=7W9jtH2xbv84n7eWTQt6cJ&utm_medium=4137511&utm_content=zd_public_v2
Certificate IssuerLet's Encrypt
Subjectoffpichuan.com
FingerprintDF:FD:C9:DF:54:1F:F8:D0:EB:70:9D:22:14:AB:31:A4:CA:18:1D:AE
ValidityThu, 30 Mar 2023 21:17:15 GMT - Wed, 28 Jun 2023 21:17:14 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3864), with no line terminators
Hash 56c3b14a1432edea07b8b1e192077830
42259f6b07e1d4dfe1b190ec991fed0c0554ea9f
95a39dcba80b2b039d17594c432bcabfd006208c7e9895e8f07f0fc27863d06b
GET /rotate?zz=4292518;4326638;5128285;4949467;5381238;5381316;5381339;5381332;5381307;5381330&var=4137511 HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aumtoukssurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 31 May 2023 08:07:38 GMT
content-type: application/javascript
x-trace-id: 75aaa4acb7ad3f7b025d41c2702ec7a5
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://aumtoukssurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=1055bb31279347818904c5d8607f102e; expires=Thu, 30 May 2024 08:07:38 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2